Q1. Which two application protocols require application layer gateway support when using NAT on a Cisco router? (Choose two.)
A. SIP
B. HTTP
C. FTP
D. SMTP
E. POP3
Answer: A,C
Q2. Which protocol uses a proprietary 2-byte Type field for multiple protocol support?
A. HDLC
B. PPP
C. CHAP
D. PAP
Answer: A
Q3. Which two discovery mechanism does LDP support? (Choose two.)
A. strict
B. extended
C. loose
D. targeted
E. basic
Answer: B,E
Q4. Refer to the exhibit.
Which statement is true?
A. It is impossible for the destination interface to equal the source interface.
B. NAT on a stick is performed on interface Et0/0.
C. There is a potential routing loop.
D. This output represents a UDP flow or a TCP flow.
Answer: C
Explanation:
In this example we see that the source interface and destination interface are the same (Et0/0). Typically this is seen when there is a routing loop for the destination IP address.
Q5. Which three steps are necessary to enable SSH? (Choose three.)
A. generating an RSA or DSA cryptographic key
B. configuring the version of SSH
C. configuring a domain name
D. configuring VTY lines for use with SSH
E. configuring the port for SSH to listen for connections
F. generating an AES or SHA cryptographic key
Answer: A,C,D
Explanation:
Here are the steps:
1. Configure a hostname for the router using these commands.
yourname#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
yourname (config)#hostname LabRouter
LabRouter(config)#
2. Configure a domain name with the ip domain-name command followed by whatever you would like your domain name to be. I used CiscoLab.com.
LabRouter(config)#ip domain-name CiscoLab.com
3. We generate a certificate that will be used to encrypt the SSH packets using the crypto key generate rsa command.
Take note of the message that is displayed right after we enter this command. “The name for the keys will bE. LabRouter.CiscoLab.com” — it combines the hostname of the router along with the domain name we configured to get the name of the encryption key generated; this is why it was important for us to, first of all, configure a hostname then a domain name before we generated the keys.
Notice also that it asks us to choose a size of modulus for the key we’re about to generate.
The higher the modulus, the stronger the encryption of the key. For our example, we’ll use a modulus of 1024.
Q6. Which switching technology can be used to solve reliability problems in a switched network?
A. fragment-free mode
B. cut-through mode
C. check mode
D. store-and-forward mode
Answer: D
Explanation:
Characteristics of Store-and-Forward Ethernet Switching
This section provides an overview of the functions and features of store-and-forward Ethernet switches.
Error Checking
Figure 1 shows a store-and-forward switch receiving an Ethernet frame in its entirety. At the end of that frame, the switch will compare the last field of the datagram against its own frame-check-sequence (FCS) calculations, to help ensure that the packet is free of physical and data-link errors. The switch then performs the forwarding process. Whereas a store-and-forward switch solves reliability issues by dropping invalid packets, cut-through devices forward them because they do not get a chance to evaluate the FCS before transmitting the packet.
Figure 1. Ethernet Frame Entering a Store-and-Forward Bridge or Switch (from Left to Right)
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5020-switch/white_paper_c11-465436.html
Q7. Refer to the exhibit.
Which two statements are true? (Choose two.)
A. This is the output of the show ip ospf command.
B. This is the output of the show ip protocols command.
C. This router is an ABR.
D. This router is an ASBR.
E. Authentication is not configured for the area.
Answer: A,E
Explanation:
The following is sample output from the show ip ospf command when entered without a specific OSPF process ID with no authentication.
Router# show ip ospf
Routing Process "ospf 201" with ID 10.0.0.1 and Domain ID 10.20.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 100 secs
Interface flood pacing timer 55 msecs
Retransmission pacing timer 100 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm executed 4 times
Area ranges are
Number of LSA 4. Checksum Sum 0x29BEB
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 3 Number of indication LSA 0
Number of DoNotAge LSA 0 Flood list length 0
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book/ospf-s1.html#wp8749965360
Q8. DRAG DROP
Drag and drop the EIGRP term on the left to the corresponding definition on the right.
Answer:
Q9. Refer to the exhibit.
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics. Which two ports are in blocking state after STP converges? (Choose two.)
A. the port on switch SWD that connects to switch SWE
B. the port on switch SWF that connects to switch SWG
C. the port on switch SWD that connects to switch SWC
D. the port on switch SWB that connects to switch SWD
Answer: C,D
Explanation:
This is a scenario that wants you to demonstrate understanding of the Root switch and Root port election process. So, it’s best to start with where the root switch will be and work down from there. It’s setup nicely because the lowest MAC address switch starts at the top and then the lower priority/higher mac addresses move down the architecture. SWA wins the root election and of course all ports in SWA are forwarding. SWB introduces the possibility for a switching loop so it’s important to understand which ports will be put into the blocking state. Since SWD is a higher MAC address it will end up with a blocked port connected to SWB to prevent a loop: and this is one of the correct answers. To prevent the possibility of another potential switching loop, SWD again ends up with the higher MAC address so blocking the link between D and C prevents a B/C/D switching loop.
Q10. Refer to the exhibit.
Which two configuration changes enable you to log in to the router? (Choose two.)
A. Configure a user name and password on the device.
B. Modify the default login authentication group to use the terminal line password.
C. Remove the terminal line password on the console line.
D. Modify the terminal lines to include transport input none.
E. Configure the terminal lines to use the local user database.
Answer: A,B